bugs

The tech world as a whole is still reeling from the OpenSSL vulnerability that was so bad that it was baptized with its own name. Now Microsoft might have an equally terrible, or perhaps even worse, issue in its hands. A bug in its Schannel (short for "Secure channel") security package could, in theory, allow any hacker to remotely run a program just by sending a specially crafted network packet to a Windows server. To add insult to injury, this security exploit exists in a wide range of Windows version dating back 2003.

They may be one of the most disgusting insects you've ever seen, and laying eyes on one in your kitchen probably makes you want to scream, but one day cyborg cockroaches could save your life if you're trapped in a disaster. A pair of researchers from North Carolina State University have developed a way to control the bugs through a circuit board connected to their brain, and having them find the sources of sounds, including human voices.

Samsung has broken its silence regarding a reported security exploit that exists in its Find My Mobile service. That security hole could have potentially let hackers remotely lock, unlock, and ring a targeted device from Samsung's web service. Scary as that may sound, the OEM insists that not only would the hackers be limited to only those three actions, it would require a specific set of circumstances for the exploit to be used, which hopefully leaves majority of users unaffected and out of harm's way.

Google has just released updates to both its MyGlass companion app and the Google Glass XE22 firmware itself that adds the most requested feature of mirroring your phone's notifications. While it is a welcome change that makes the smart eyepiece a lot more useful for some people, it seems that the implementation hit a little snag. Aside from disabling notifications on an Android Wear smartwatch paired with the same phone, which is an explicit "feature", it apparently, hopefully accidentally, cuts off most, if not all, communication between the smartwatch and the smartphone as well.

We've heard about a lot of bugs this year, not the least of which being the recent "Shellshock" bug. Now Google researchers have discovered a bug in SSL 3.0 that could allow hackers to nab user data. The discovery was detailed today in a report published by the team, which says they were able to breach the protocol using what they call a "POODLE" attack -- Padding Oracle On Downgraded Legacy Encryption attack. With this, they have recommended that SSL 3.0 be disabled to mitigate the problem.

With all the hoopla around cloud services, their leaks, and their security holes, one name has managed to remain out of the media's spotlight. At least so far. It would, however, be naive to presume that Dropbox is infallible and perfect just because of that. In fact, this latest revelation just proves that it isn't immune from bugs that would irreversibly lose data as well. Luckily, at least if you believe the company, it only affects a rather small subset of Dropbox users.

iOS 8 might be taking another PR hit this week, though hopefully in a more limited fashion. Some users have started reporting that iOS 8's option to reset their phone's settings erased iWork files stored in the beta version of iCloud Drive, with some left without an option to recover them at all.

No, it's not the name of the bug itself nor is it a description of what you may do if you happen to be deeply affected by this security exploit. BASH, for Bourne Again SHell, is the most common command line (think, command prompt in Windows) shell in Linux and UNIX-like operating systems, which means that a bug like this leaves many computers connected to the Internet, like servers and even Macs, vulnerable to hijacking.

If you're a dedicated Chrome user and have noticed your Windows laptop plunging into an earlier death than normal, then you may very well blame a "feature" that was introduced way back in 2010. Though that feature made sense in a day and age when browser plugins, Java applets, and Flash dominated the Web, Chrome's high-performance system tweaking has now become a liability that Google doesn't seem to be keen on addressing quickly.

Yes, there is yet another lock screen bug on iOS 7, discovered just days after iOS 8 was unveiled. But while this bypass can get you access to one, yes just one, app in 5 seconds, if you're fast enough, it can only really be triggered if certain conditions are present.